
Pests of all kinds and how to fight them: sex.exe - TR/Dropper.Gen

Windows 7

29.07.2010, 22:16   #1
ewigergert
 



Hi,

I hadn't had any virus problems for ages, but now it seems to have got me.
AntiVir reports:
Quote:
In der Datei 'C:\Users\Administrator\AppData\Local\Temp\IXP000.TMP\sex.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan] gefunden.
And no, I did not download and run some sex.exe; no idea how that sh** got on there.
I ran your programs (CCleaner, Malwarebytes Antimalware & OTL); unfortunately many of the entries in the log files mean nothing to me, so it would be nice if someone could take a look at them.



Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Datenbank Version: 4367

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

29.07.2010 22:50:14
mbam-log-2010-07-29 (22-50-14).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 124622
Laufzeit: 3 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)



OTL Extras.txt
OTL Extras logfile created on: 29.07.2010 22:59:38 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Administrator\Desktop\Programme\antivirenzeug
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 74,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 102,22 Gb Free Space | 34,30% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7,72 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NB
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13AC856A-A22D-FCE4-B451-ED692DB1CAC8}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{C5DBD2A7-041C-4127-6EC6-F163B94611D0}" = ATI Catalyst Install Manager
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_AUDIO_HDA_HDMI" = Conexant Audio Driver For AMD HDMI Codec
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Ultravnc2_is1" = UltraVNC 1.0.8.2
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{158100ED-E344-921A-51DA-10A1737F9EE2}" = CCC Help Korean
"{1B6B4437-3F9E-82D5-6631-AC28B3D3EC51}" = CCC Help Turkish
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1E47EF59-E939-A9F1-D29B-0B3FC952A0AF}" = Catalyst Control Center Localization All
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2B1FA9E4-1E4E-6EB0-67E6-203B7AFDE465}" = CCC Help Chinese Traditional
"{2BB4C7CC-103A-E753-9142-C39C461618F6}" = CCC Help Japanese
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3DDBAEAD-FA8D-1765-1B4B-021A44AE0741}" = CCC Help Greek
"{453E989A-CD2B-1562-01FD-0C8F3E23A2AD}" = ccc-core-static
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5B26151D-EC78-8A9E-27BF-75E841A76F53}" = CCC Help Hungarian
"{5B7A5FE0-4BBC-D43E-F85B-80FCE9CF1230}" = CCC Help Spanish
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6903DF72-FF87-0647-31E8-5962DCB947E7}" = CCC Help Norwegian
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F81103-8507-D08B-05C7-23ED8CD60326}" = CCC Help Dutch
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9B168F1D-4462-C550-C9FD-6DA15E3DE3E3}" = CCC Help Finnish
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = Die Siedler 7
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{A4B0DBBF-229D-C6BE-1846-A6A3FC58FCC1}" = CCC Help Italian
"{AB7ED389-33A8-B46A-4A8A-F685EF451A5C}" = Catalyst Control Center Graphics Previews Vista
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B9C11A0C-C3FF-FCB2-1BFA-B30400FAFF96}" = Catalyst Control Center InstallProxy
"{BDC08878-78D5-BD3F-9A1A-1F7A0C73D016}" = CCC Help French
"{C298400F-457A-0F2C-9761-CE47C4F7A8F4}" = CCC Help Polish
"{C8F0C3A9-F54A-F172-37CC-8F08503C4FC2}" = CCC Help Thai
"{CBD59871-8F21-5A54-61EC-D7098CF230C2}" = CCC Help Czech
"{CF713C69-2B16-7992-A678-872A01E9BF0F}" = CCC Help Russian
"{D68E8727-3727-59CE-FBFD-C76CDB7D510D}" = CCC Help Danish
"{DE79B545-A51D-6E6F-82B2-7A989CC9F2E5}" = CCC Help Portuguese
"{DF4081B6-8C35-2A1C-1820-3C2186E1A160}" = CCC Help Swedish
"{ED9B5A5D-6D84-4268-1994-39BF60D1BBF5}" = CCC Help German
"{F68D9C4D-DC60-D021-8B2D-CD14E6BD43EA}" = CCC Help English
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF39D301-6B39-1378-BF92-92FBC983A973}" = CCC Help Chinese Standard
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Aptana Studio 3" = Aptana Studio 3
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"GrabIt_is1" = GrabIt 1.7.2 Beta 4 (build 997)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Mozilla Thunderbird (3.1.1)" = Mozilla Thunderbird (3.1.1)
"Pidgin" = Pidgin
"QuickPar" = QuickPar 0.9
"StarCraft II" = StarCraft II
"VLC media player" = VLC media player 1.1.0
"Warcraft III" = Warcraft III
"Warkeys" = Warkeys 1.16.0.0b

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.3
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21.07.2010 17:35:08 | Computer Name = nb | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GrabIt.exe, Version: 1.7.2.997, Zeitstempel:
0x00000000 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0x00000000 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses:
0x818 Startzeit der fehlerhaften Anwendung: 0x01cb291c8fb0b890 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\GrabIt\GrabIt.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: d5475993-950f-11df-ac17-00266c670893

Error - 22.07.2010 08:08:40 | Computer Name = nb | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GrabIt.exe, Version: 1.7.2.997, Zeitstempel:
0x00000000 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0x00000000 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses:
0x890 Startzeit der fehlerhaften Anwendung: 0x01cb299694d37128 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\GrabIt\GrabIt.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: dcc4269a-9589-11df-8cef-cd3775f6b5ad

Error - 22.07.2010 12:28:32 | Computer Name = nb | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: conviction_game.exe, Version: 0.0.0.0,
Zeitstempel: 0x4bb61465 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdb3b Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002e29b ID des fehlerhaften
Prozesses: 0x9c8 Startzeit der fehlerhaften Anwendung: 0x01cb29b4722adf82 Pfad der
fehlerhaften Anwendung: C:\games\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 2a9b9c99-95ae-11df-8cef-cd3775f6b5ad

Error - 22.07.2010 15:13:42 | Computer Name = nb | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Autorun.exe_The Settlers 7 - Paths
to a Kingdom, Version: 1.0.0.0, Zeitstempel: 0x46bec82c Name des fehlerhaften Moduls:
Autorun.exe, Version: 1.0.0.0, Zeitstempel: 0x46bec82c Ausnahmecode: 0x40000015 Fehleroffset:
0x0004cdcd ID des fehlerhaften Prozesses: 0x3fc Startzeit der fehlerhaften Anwendung:
0x01cb29d1fca1dad9 Pfad der fehlerhaften Anwendung: C:\Users\ADMINI~1\AppData\Local\Temp\IXP001.TMP\Autorun.exe
Pfad
des fehlerhaften Moduls: C:\Users\ADMINI~1\AppData\Local\Temp\IXP001.TMP\Autorun.exe
Berichtskennung:
3d67a7e0-95c5-11df-91e0-9456f85519a5

Error - 22.07.2010 15:14:36 | Computer Name = nb | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Autorun.exe_The Settlers 7 - Paths
to a Kingdom, Version: 1.0.0.0, Zeitstempel: 0x46bec82c Name des fehlerhaften Moduls:
Autorun.exe, Version: 1.0.0.0, Zeitstempel: 0x46bec82c Ausnahmecode: 0x40000015 Fehleroffset:
0x0004cdcd ID des fehlerhaften Prozesses: 0xd04 Startzeit der fehlerhaften Anwendung:
0x01cb29d21a78d774 Pfad der fehlerhaften Anwendung: C:\Users\ADMINI~1\AppData\Local\Temp\IXP003.TMP\Autorun.exe
Pfad
des fehlerhaften Moduls: C:\Users\ADMINI~1\AppData\Local\Temp\IXP003.TMP\Autorun.exe
Berichtskennung:
5d4180e4-95c5-11df-91e0-9456f85519a5

Error - 24.07.2010 13:07:40 | Computer Name = nb | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GrabIt.exe, Version: 1.7.2.997, Zeitstempel:
0x00000000 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0x00000000 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses:
0xbd8 Startzeit der fehlerhaften Anwendung: 0x01cb2b2102a125e1 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\GrabIt\GrabIt.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: f6f8376d-9745-11df-9004-fc1c2f82dfaf

Error - 24.07.2010 17:03:00 | Computer Name = nb | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Games for Windows® - LIVE Client" konnte
nicht heruntergefahren werden.

Error - 25.07.2010 21:00:32 | Computer Name = nb | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: conviction_game.exe, Version: 0.0.0.0,
Zeitstempel: 0x4bb61465 Name des fehlerhaften Moduls: atiumdva.dll, Version: 8.14.10.250,
Zeitstempel: 0x4b9e40bc Ausnahmecode: 0xc0000005 Fehleroffset: 0x00006efa ID des fehlerhaften
Prozesses: 0x734 Startzeit der fehlerhaften Anwendung: 0x01cb2c5a5c4153d9 Pfad der
fehlerhaften Anwendung: C:\games\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\atiumdva.dll Berichtskennung: 307919cc-9851-11df-ace0-fd8c52d016a2

Error - 28.07.2010 14:24:42 | Computer Name = nb | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GrabIt.exe, Version: 1.7.2.997, Zeitstempel:
0x00000000 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0x00000000 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses:
0x830 Startzeit der fehlerhaften Anwendung: 0x01cb2e81a561714b Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\GrabIt\GrabIt.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 639673d4-9a75-11df-aca6-e4c878df2cae

Error - 29.07.2010 08:10:42 | Computer Name = nb | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GrabIt.exe, Version: 1.7.2.997, Zeitstempel:
0x00000000 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0x00000000 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses:
0xae0 Startzeit der fehlerhaften Anwendung: 0x01cb2ef70ac51055 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\GrabIt\GrabIt.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 4e616afd-9b0a-11df-b053-e89fd9a289ae

[ System Events ]
Error - 27.07.2010 04:27:48 | Computer Name = nb | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.

Error - 27.07.2010 16:27:51 | Computer Name = nb | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.

Error - 28.07.2010 05:07:46 | Computer Name = nb | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.

Error - 28.07.2010 06:43:38 | Computer Name = nb | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.

Error - 28.07.2010 13:49:00 | Computer Name = nb | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.

Error - 28.07.2010 15:40:17 | Computer Name = nb | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.

Error - 29.07.2010 04:20:50 | Computer Name = nb | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.

Error - 29.07.2010 08:12:23 | Computer Name = nb | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.

Error - 29.07.2010 08:14:57 | Computer Name = nb | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.

Error - 29.07.2010 15:32:08 | Computer Name = nb | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.


OTL OTL.txt
OTL logfile created on: 29.07.2010 22:59:38 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Administrator\Desktop\Programme\antivirenzeug
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 74,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 102,22 Gb Free Space | 34,30% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7,72 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NB
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Administrator\Desktop\Programme\antivirenzeug\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Administrator\Desktop\Programme\antivirenzeug\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (NMSAccess) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (DAUpdaterSvc) -- C:\games\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)


========== Driver Services (SafeList) ==========

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (CnxtHdmiAudService) -- C:\Windows\SysNative\drivers\CHDMI64.sys (Conexant Systems Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 27 0F 7A F2 45 27 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.24 13:08:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.24 13:08:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.07.28 11:08:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2010.07.20 12:23:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2010.07.19 18:02:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.07.29 16:15:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\i0o3yalu.default\extensions
[2010.07.20 12:19:46 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\i0o3yalu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.07.29 16:15:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.07.22 21:29:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.22 21:29:04 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.06.26 09:47:04 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010.06.26 09:47:04 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010.06.26 09:47:04 | 000,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.06.26 09:47:04 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

Edited by ewigergert (29.07.2010 at 22:24)

29.07.2010, 22:16   #2
ewigergert
 



O1 HOSTS File: ([2010.07.23 01:37:37 | 000,001,033 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.14 05:17:18 | 000,000,058 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{69e6e951-9322-11df-b7e9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{69e6e951-9322-11df-b7e9-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Installer.exe -- File not found
O33 - MountPoints2\{fca174ce-9381-11df-8f09-00266c670893}\Shell - "" = AutoRun
O33 - MountPoints2\{fca174ce-9381-11df-8f09-00266c670893}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.07.29 22:41:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.07.29 22:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2010.07.29 22:38:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2010.07.29 22:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.07.29 22:38:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2010.07.29 22:18:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2010.07.29 16:24:37 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2010.07.29 16:24:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.07.29 16:24:25 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.07.29 16:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.29 16:24:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebyte
[2010.07.27 10:31:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\StarCraft II
[2010.07.27 10:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.07.26 18:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.07.25 21:38:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\vlc
[2010.07.24 23:03:39 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Games for Windows - LIVE Demos
[2010.07.24 22:57:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Games
[2010.07.24 22:56:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.07.24 22:52:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010.07.24 22:52:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010.07.24 13:23:21 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Videos
[2010.07.24 13:23:21 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Pictures
[2010.07.24 13:23:21 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Music
[2010.07.24 04:06:18 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\QuickPar
[2010.07.24 03:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPar
[2010.07.23 14:26:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Settlers7
[2010.07.23 14:26:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents
[2010.07.22 21:48:23 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.07.22 21:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.07.22 21:29:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.07.22 21:29:13 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\SysWow64\deployJava1.dll
[2010.07.22 21:29:13 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\SysWow64\javaws.exe
[2010.07.22 21:29:13 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\SysWow64\javaw.exe
[2010.07.22 21:29:13 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\SysWow64\java.exe
[2010.07.22 21:29:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.07.22 16:18:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\storage
[2010.07.22 15:48:24 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Searches
[2010.07.22 14:19:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Alt.Binz
[2010.07.22 14:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\altbinz0.25
[2010.07.22 13:02:28 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Favorites
[2010.07.21 15:37:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Ubisoft
[2010.07.21 15:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010.07.21 15:37:03 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010.07.21 15:37:03 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010.07.21 15:37:03 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.07.21 15:37:03 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010.07.21 15:37:02 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010.07.21 15:37:02 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010.07.21 15:37:01 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.07.21 15:37:01 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010.07.21 15:37:01 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.07.21 15:37:01 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010.07.21 15:37:01 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010.07.21 15:37:01 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010.07.21 15:37:00 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010.07.21 15:37:00 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010.07.21 15:37:00 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010.07.21 15:37:00 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010.07.21 15:36:57 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.07.21 15:36:57 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.07.21 15:36:57 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.07.21 15:36:57 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.07.21 15:36:55 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.07.21 15:36:55 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.07.21 15:36:55 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.07.21 15:36:55 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.07.21 15:36:50 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.07.21 15:36:50 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.07.21 15:36:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.07.21 15:36:48 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.07.21 15:36:47 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.07.21 15:36:47 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.07.21 15:36:46 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.07.21 15:36:46 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.07.21 15:36:45 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.07.21 15:36:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.07.21 15:36:45 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.07.21 15:36:45 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.07.21 15:36:44 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.07.21 15:36:44 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.07.21 15:36:44 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.07.21 15:36:44 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.07.21 15:36:44 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.07.21 15:36:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.07.21 15:36:43 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.07.21 15:36:43 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.07.21 15:36:42 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.07.21 15:36:42 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.07.21 15:36:42 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.07.21 15:36:42 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.07.21 15:36:40 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.07.21 15:36:40 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.07.21 15:36:40 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.07.21 15:36:40 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.07.21 15:36:39 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.07.21 15:36:39 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.07.21 15:36:39 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.07.21 15:36:39 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.07.21 15:36:39 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.07.21 15:36:39 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.07.21 15:36:37 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.07.21 15:36:37 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.07.21 15:36:37 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.07.21 15:36:37 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.07.21 15:36:37 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.07.21 15:36:37 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.07.21 15:36:36 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.07.21 15:36:36 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.07.21 15:36:35 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.07.21 15:36:35 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.07.21 15:36:35 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.07.21 15:36:35 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.07.21 15:36:34 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.07.21 15:36:34 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.07.21 15:36:34 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.07.21 15:36:34 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.07.21 15:36:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.07.21 15:36:34 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.07.21 15:36:33 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.07.21 15:36:33 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.07.21 15:36:29 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.07.21 15:36:29 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.07.21 15:36:29 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.07.21 15:36:29 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.07.21 15:36:28 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.07.21 15:36:28 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.07.21 15:36:28 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.07.21 15:36:28 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.07.21 15:36:28 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.07.21 15:36:28 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.07.21 15:36:28 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.07.21 15:36:28 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.07.21 15:36:27 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.07.21 15:36:27 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.07.21 15:36:25 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.07.21 15:36:25 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.07.21 15:36:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.07.21 15:36:24 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.07.21 15:36:23 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.07.21 15:36:23 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.07.21 15:36:21 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.07.21 15:36:21 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.07.21 15:36:21 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.07.21 15:36:21 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.07.21 15:36:20 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.07.21 15:36:20 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.07.21 15:36:19 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.07.21 15:36:19 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.07.21 15:36:16 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.07.21 15:36:16 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.07.21 15:36:16 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.07.21 15:36:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.07.21 15:36:14 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.07.21 15:36:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.07.21 15:36:11 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.07.21 15:36:11 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.07.21 15:36:09 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.07.21 15:36:09 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.07.21 15:36:09 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.07.21 15:36:09 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.07.21 15:36:08 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.07.21 15:36:08 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.07.21 15:36:06 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.07.21 15:36:06 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.07.21 15:36:06 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.07.21 15:36:06 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.07.21 15:36:06 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.07.21 15:36:06 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.07.21 15:36:06 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.07.21 15:36:06 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.07.21 15:36:05 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.07.21 15:36:05 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.07.21 15:36:05 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.07.21 15:36:05 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.07.21 15:36:02 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.07.21 15:36:02 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.07.21 15:36:01 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.07.21 15:36:01 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.07.21 15:36:01 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.07.21 15:36:01 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.07.21 15:36:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.07.21 15:36:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.07.21 15:36:00 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.07.21 15:36:00 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.07.21 15:36:00 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.07.21 15:36:00 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.07.21 15:35:59 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.07.21 15:35:59 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.07.21 15:35:59 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.07.21 15:35:59 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.07.21 15:35:58 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.07.21 15:35:58 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.07.21 15:35:58 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.07.21 15:35:58 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.07.21 15:35:58 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.07.21 15:35:58 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.07.21 15:35:57 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.07.21 15:35:57 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.07.21 15:35:56 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.07.21 15:35:56 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.07.21 15:35:55 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.07.21 15:35:55 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.07.21 15:35:54 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.07.21 15:35:54 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.07.21 15:35:53 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.07.21 15:35:53 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.07.21 15:35:38 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.07.21 15:35:38 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.07.21 15:35:35 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.07.21 15:35:35 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.07.21 15:35:35 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.07.21 15:35:35 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.07.21 15:35:35 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.07.21 15:35:35 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.07.21 15:35:35 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.07.21 15:35:35 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.07.21 15:35:34 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.07.21 15:35:34 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.07.21 15:35:34 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.07.21 15:35:34 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.07.21 15:35:33 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.07.21 15:35:33 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.07.21 15:35:31 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.07.21 15:35:31 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.07.21 15:15:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2010.07.21 14:06:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apps
[2010.07.21 14:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAMN NFO Viewer
[2010.07.20 23:30:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\UltraVNC
[2010.07.20 23:28:45 | 000,000,000 | ---D | C] -- C:\Programme\UltraVNC
[2010.07.20 23:24:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.07.20 21:35:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GrabIt
[2010.07.20 21:26:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Aptana Rubles
[2010.07.20 21:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aptana Studio 3
[2010.07.20 12:35:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\.eclipse
[2010.07.20 12:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.07.20 12:04:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\My Documents
[2010.07.20 11:51:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\.purple
[2010.07.20 11:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2010.07.20 11:43:16 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010.07.20 11:43:16 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.07.20 11:43:16 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010.07.20 11:43:16 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.07.20 11:43:16 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.07.20 11:43:16 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.07.20 11:43:16 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.07.20 11:43:16 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.07.20 11:41:48 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.07.20 11:41:47 | 011,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.07.20 11:41:46 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010.07.20 11:41:44 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010.07.20 11:41:42 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.07.20 11:41:42 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.07.20 11:41:30 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.07.20 03:15:07 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010.07.20 03:08:22 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.07.20 03:08:22 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.07.20 03:08:15 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.07.20 03:08:15 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.07.20 03:08:15 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.07.20 03:08:15 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.07.20 03:08:15 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010.07.20 03:08:15 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.07.20 03:08:15 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.07.20 03:08:14 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.07.20 03:08:13 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.07.20 03:08:13 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.07.20 03:08:13 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.07.20 03:08:03 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.07.20 03:08:02 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.07.20 03:08:02 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.07.20 03:08:02 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.07.20 03:08:01 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.07.20 03:08:01 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.07.20 03:08:01 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.07.20 03:08:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.07.20 03:08:01 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.07.20 03:08:01 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.07.20 03:07:52 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.07.20 01:42:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\games
[2010.07.20 00:28:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warkeys
[2010.07.20 00:20:31 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2010.07.20 00:19:17 | 000,000,000 | ---D | C] -- C:\games
[2010.07.20 00:06:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.07.20 00:05:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
[2010.07.20 00:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.07.19 23:22:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\volunteer
[2010.07.19 23:22:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\volbackup
[2010.07.19 23:22:28 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Semester 9
[2010.07.19 22:49:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Canneverbe Limited
[2010.07.19 22:49:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010.07.19 22:49:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2010.07.19 22:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.07.19 22:42:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.07.19 22:42:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.07.19 22:41:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Adobe
[2010.07.19 20:10:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\FileZilla
[2010.07.19 20:10:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2010.07.19 20:02:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Programme
[2010.07.19 20:00:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Avira
[2010.07.19 19:56:44 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010.07.19 19:56:44 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.07.19 19:56:44 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010.07.19 19:56:44 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010.07.19 19:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.07.19 19:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010.07.19 18:02:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2010.07.19 18:02:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Thunderbird
[2010.07.19 18:02:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2010.07.19 17:39:52 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
[2010.07.19 17:38:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2010.07.19 17:38:28 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2010.07.19 17:30:01 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Macromedia
[2010.07.19 17:30:01 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Adobe
[2010.07.19 17:27:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.07.19 17:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010.07.19 17:15:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Eigene Dateien
[2010.07.19 17:14:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\studium
[2010.07.19 17:14:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\moritz
[2010.07.19 17:14:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\GHF
[2010.07.19 17:14:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\euen
[2010.07.19 16:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autoruns
[2010.07.19 16:46:50 | 000,000,000 | ---D | C] -- C:\Programme\CONEXANT
[2010.07.19 16:34:33 | 018,798,592 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2010.07.19 16:34:33 | 014,226,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2010.07.19 16:34:33 | 006,403,072 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atipmdag.sys
[2010.07.19 16:34:33 | 006,403,072 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2010.07.19 16:34:33 | 004,801,536 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2010.07.19 16:34:33 | 004,781,568 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2010.07.19 16:34:33 | 003,800,064 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2010.07.19 16:34:33 | 003,703,808 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2010.07.19 16:34:33 | 003,657,728 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2010.07.19 16:34:33 | 003,131,392 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2010.07.19 16:34:33 | 002,993,152 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2010.07.19 16:34:33 | 002,716,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2010.07.19 16:34:33 | 000,497,152 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2010.07.19 16:34:33 | 000,450,560 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010.07.19 16:34:33 | 000,446,464 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2010.07.19 16:34:33 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2010.07.19 16:34:33 | 000,420,864 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010.07.19 16:34:33 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010.07.19 16:34:33 | 000,330,752 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2010.07.19 16:34:33 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010.07.19 16:34:33 | 000,237,568 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2010.07.19 16:34:33 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010.07.19 16:34:33 | 000,188,928 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2010.07.19 16:34:33 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2010.07.19 16:34:33 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010.07.19 16:34:33 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2010.07.19 16:34:33 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010.07.19 16:34:33 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2010.07.19 16:34:33 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2010.07.19 16:34:33 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2010.07.19 16:34:33 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2010.07.19 16:34:33 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2010.07.19 16:34:33 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2010.07.19 16:34:33 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2010.07.19 16:34:33 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2010.07.19 16:34:33 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010.07.19 16:34:33 | 000,043,008 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2010.07.19 16:34:33 | 000,039,936 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2010.07.19 16:34:33 | 000,036,352 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2010.07.19 16:34:33 | 000,028,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2010.07.19 16:34:33 | 000,027,648 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2010.07.19 16:34:33 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2010.07.19 16:34:33 | 000,016,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2010.07.19 16:34:33 | 000,015,360 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2010.07.19 16:34:33 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2010.07.19 16:34:33 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2010.07.19 16:34:33 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2010.07.19 16:34:33 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010.07.19 16:34:13 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.07.19 16:31:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\WinRAR
[2010.07.19 16:31:27 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.07.19 16:24:14 | 000,000,000 | ---D | C] -- C:\mp3s
[2010.07.19 16:09:06 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics
[2010.07.19 16:05:03 | 000,035,008 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\drivers\PGEffect.sys
[2010.07.19 16:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TOSHIBA
[2010.07.19 16:03:55 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\InstallShield
[2010.07.19 15:47:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\ATI
[2010.07.19 15:47:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ATI
[2010.07.19 15:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.07.19 15:46:26 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.07.19 15:46:26 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.07.19 15:46:11 | 000,000,000 | ---D | C] -- C:\treiber
[2010.07.19 15:43:41 | 007,367,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSUSTORicon.dll
[2010.07.19 15:43:26 | 000,232,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys
[2010.07.19 15:43:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010.07.19 15:41:07 | 000,000,000 | ---D | C] -- C:\installs
[2010.07.19 15:30:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Mozilla
[2010.07.19 15:30:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Mozilla
[2010.07.19 14:22:50 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.07.19 14:22:50 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.07.19 14:22:49 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.07.19 14:22:49 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.07.19 14:19:16 | 001,103,904 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8192se.sys
[2010.07.19 14:19:16 | 000,932,384 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8192ce.sys
[2010.07.19 14:19:16 | 000,612,352 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl819xp.sys
[2010.07.19 14:19:16 | 000,450,048 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8187B.sys
[2010.07.19 14:19:16 | 000,442,368 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8187Se.sys
[2010.07.19 14:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek WLAN Driver
[2010.07.19 14:01:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2010.07.19 14:01:23 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.07.19 14:01:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\WinBatch
[2010.07.19 13:42:42 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.07.19 13:32:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Identities
[2010.07.19 13:27:05 | 000,000,000 | --SD | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft
[2010.07.19 13:27:05 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Downloads
[2010.07.19 13:27:05 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Desktop
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Vorlagen
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Verlauf
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Temporary Internet Files
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Startmenü
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\SendTo
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Recent
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Netzwerkumgebung
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Lokale Einstellungen
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Eigene Dateien
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Druckumgebung
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Cookies
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Anwendungsdaten
[2010.07.19 13:27:05 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Anwendungsdaten
[2010.07.19 13:27:05 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData
[2010.07.19 13:27:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Temp
[2010.07.19 13:27:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Microsoft
[2010.07.19 13:27:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Media Center Programs
[2010.07.19 12:51:32 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.07.19 12:51:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.07.19 12:46:08 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.07.19 12:43:36 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.07.19 12:43:10 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2010.07.29 22:58:46 | 001,048,576 | -HS- | M] () -- C:\Users\Administrator\NTUSER.DAT
[2010.07.29 21:14:45 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.29 21:14:45 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.29 21:11:38 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.07.29 21:11:38 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.07.29 21:11:38 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.07.29 21:11:38 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.07.29 21:11:38 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.29 21:07:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.29 21:07:12 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.29 21:00:02 | 003,682,741 | -H-- | M] () -- C:\Users\Administrator\AppData\Local\IconCache.db
[2010.07.29 14:14:17 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.07.26 18:50:10 | 000,099,962 | ---- | M] () -- C:\Users\Administrator\Desktop\studienzeitbescheinigung.pdf
[2010.07.26 18:48:46 | 000,099,721 | ---- | M] () -- C:\Users\Administrator\Desktop\studienbescheinigungss2010.pdf
[2010.07.25 15:02:03 | 000,000,927 | ---- | M] () -- C:\Users\Administrator\Desktop\Downloads.lnk
[2010.07.23 01:37:37 | 000,001,033 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.07.22 21:29:01 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\SysWow64\deployJava1.dll
[2010.07.22 21:29:01 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\SysWow64\javaws.exe
[2010.07.22 21:29:01 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\SysWow64\javaw.exe
[2010.07.22 21:29:01 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\SysWow64\java.exe
[2010.07.21 23:34:47 | 077,952,000 | ---- | M] () -- C:\Windows\SysWow64\ffr-dow2.055
[2010.07.20 00:49:48 | 000,095,213 | ---- | M] () -- C:\Windows\War3Unin.dat
[2010.07.20 00:23:05 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif
[2010.07.20 00:23:04 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2010.07.20 00:06:32 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.07.19 23:55:56 | 000,001,501 | ---- | M] () -- C:\Users\Administrator\Desktop\mp3.lnk
[2010.07.19 16:38:41 | 000,057,560 | ---- | M] () -- C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.19 16:38:03 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.19 16:37:51 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.07.19 16:09:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.07.19 15:35:46 | 000,000,017 | ---- | M] () -- C:\Users\Administrator\AppData\Local\resmon.resmoncfg
[2010.07.19 15:30:33 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010.07.19 14:00:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.07.19 13:30:17 | 000,524,288 | -HS- | M] () -- C:\Users\Administrator\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.07.19 13:30:17 | 000,524,288 | -HS- | M] () -- C:\Users\Administrator\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.07.19 13:30:17 | 000,065,536 | -HS- | M] () -- C:\Users\Administrator\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.07.19 13:27:05 | 000,000,020 | -HS- | M] () -- C:\Users\Administrator\ntuser.ini
[2010.07.19 12:46:56 | 000,057,035 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.07.19 12:46:56 | 000,057,035 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.07.12 10:25:43 | 000,055,354 | ---- | M] () -- C:\Users\Administrator\Desktop\Notenauszug.pdf
[2010.07.07 12:51:20 | 000,015,293 | ---- | M] () -- C:\Users\Administrator\Desktop\Selbstauskunft.pdf

========== Files Created - No Company Name ==========

[2010.07.26 18:50:09 | 000,099,962 | ---- | C] () -- C:\Users\Administrator\Desktop\studienzeitbescheinigung.pdf
[2010.07.26 18:48:46 | 000,099,721 | ---- | C] () -- C:\Users\Administrator\Desktop\studienbescheinigungss2010.pdf
[2010.07.25 15:02:03 | 000,000,927 | ---- | C] () -- C:\Users\Administrator\Desktop\Downloads.lnk
[2010.07.21 23:34:47 | 077,952,000 | ---- | C] () -- C:\Windows\SysWow64\ffr-dow2.055
[2010.07.20 00:20:31 | 000,095,213 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.07.20 00:20:31 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif
[2010.07.20 00:06:32 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.07.19 23:37:29 | 000,001,501 | ---- | C] () -- C:\Users\Administrator\Desktop\mp3.lnk
[2010.07.19 23:23:13 | 000,106,254 | ---- | C] () -- C:\Users\Administrator\Desktop\PB_Formelsammlung.pdf
[2010.07.19 22:49:20 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010.07.19 22:49:20 | 000,005,504 | ---- | C] () -- C:\Windows\SysNative\drivers\StarOpen.sys
[2010.07.19 17:14:23 | 000,173,151 | ---- | C] () -- C:\Users\Administrator\Desktop\OnlineSemesterbescheinigung.pdf
[2010.07.19 17:14:23 | 000,055,354 | ---- | C] () -- C:\Users\Administrator\Desktop\Notenauszug.pdf
[2010.07.19 17:14:23 | 000,029,562 | ---- | C] () -- C:\Users\Administrator\Desktop\Pruefungstermine_SS2010.pdf
[2010.07.19 17:14:23 | 000,015,293 | ---- | C] () -- C:\Users\Administrator\Desktop\Selbstauskunft.pdf
[2010.07.19 16:37:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.07.19 16:34:33 | 000,511,072 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2010.07.19 16:34:33 | 000,511,072 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2010.07.19 16:34:33 | 000,332,288 | ---- | C] () -- C:\Windows\SysNative\ATIODE.exe
[2010.07.19 16:34:33 | 000,201,875 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2010.07.19 16:34:33 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\ATIODCLI.exe
[2010.07.19 16:34:33 | 000,033,624 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2010.07.19 16:34:33 | 000,020,692 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.07.19 16:34:33 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.07.19 16:34:33 | 000,001,105 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2010.07.19 16:09:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.07.19 15:35:46 | 000,000,017 | ---- | C] () -- C:\Users\Administrator\AppData\Local\resmon.resmoncfg
[2010.07.19 15:30:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.07.19 14:19:15 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2010.07.19 14:00:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.07.19 13:27:05 | 001,048,576 | -HS- | C] () -- C:\Users\Administrator\NTUSER.DAT
[2010.07.19 13:27:05 | 000,524,288 | -HS- | C] () -- C:\Users\Administrator\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.07.19 13:27:05 | 000,524,288 | -HS- | C] () -- C:\Users\Administrator\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.07.19 13:27:05 | 000,262,144 | -HS- | C] () -- C:\Users\Administrator\ntuser.dat.LOG1
[2010.07.19 13:27:05 | 000,065,536 | -HS- | C] () -- C:\Users\Administrator\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.07.19 13:27:05 | 000,000,020 | -HS- | C] () -- C:\Users\Administrator\ntuser.ini
[2010.07.19 13:27:05 | 000,000,000 | -HS- | C] () -- C:\Users\Administrator\ntuser.dat.LOG2
[2010.07.19 12:43:11 | 3113,365,504 | -HS- | C] () -- C:\hiberfil.sys
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

========== LOP Check ==========

[2010.07.29 22:07:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.purple
[2010.07.19 22:49:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Canneverbe Limited
[2010.07.20 00:17:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
[2010.07.21 00:02:20 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FileZilla
[2010.07.19 18:02:20 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2010.07.21 15:37:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Ubisoft
[2010.07.19 14:01:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\WinBatch
[2009.07.14 07:08:49 | 000,002,898 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========





Best regards
ewigergert

Edited by ewigergert (29.07.2010 at 22:36)
